libjava/classpath/ChangeLog.gcj:

2007-05-31  Matthias Klose  <doko@ubuntu.com>

        * javax/management/NotificationBroadcasterSupport.java
        (getNotificationInfo): Add cast.
        * native/jni/qt-peer/Makefile.am (AM_CXXFLAGS): Add libstdc++ include
        directories.
        * native/jni/qt-peer/Makefile.in: Regenerate.

libjava/ChangeLog:

2007-06-03  Matthias Klose  <doko@ubuntu.com>

        * java/io/natFileWin32.cc (setFilePermissions): New (stub only).
        _access: Handle EXEC query, stub only.

2007-06-03  Matthias Klose  <doko@ubuntu.com>

        Merged from classpath:
        * gnu/java/nio/SelectorProviderImpl.java: Whitespace merge.
        * java/lang/System.java(inheritedChannel): New.
        * java/lang/Character.java: Remove stray`;'.
        * java/net/MulticastSocket.java: Merged.
        * java/text/DateFormatSymbols.java(getInstance): New, comment updates.
        * java/text/Collator.java(getInstance): Merged.
        * java/util/Calendar.java: New attributes ALL_STYLES, SHORT, LONG.
        getDisplayName, getDisplayNames: New.
        * java/util/logging/Logger.java: Merged.
        * Regenerate .class and .h files.

2007-06-03  Matthias Klose  <doko@ubuntu.com>

        * java/io/File.java: Merge with classpath-0.95, new method
        setFilePermissions, new attribute EXEC.
        * java/io/natFilePosix.cc (setFilePermissions): New.
        _access: Handle EXEC query.
        * classpath/lib/java/io/File.class, java/io/File.h: Regenerate.

2007-06-03  Matthias Klose  <doko@ubuntu.com>

        Imported GNU Classpath 0.95.

        * classpath/Makefile.in,
        classpath/native/jni/midi-dssi/Makefile.in,
        classpath/native/jni/classpath/Makefile.in,
        classpath/native/jni/Makefile.in,
        classpath/native/jni/gconf-peer/Makefile.in,
        classpath/native/jni/java-io/Makefile.in,
        classpath/native/jni/native-lib/Makefile.in,
        classpath/native/jni/java-util/Makefile.in,
        classpath/native/jni/midi-alsa/Makefile.in,
        classpath/native/jni/java-lang/Makefile.in,
        classpath/native/jni/java-nio/Makefile.in,
        classpath/native/jni/java-net/Makefile.in,
        classpath/native/jni/xmlj/Makefile.in,
        classpath/native/jni/qt-peer/Makefile.in,
        classpath/native/jni/gtk-peer/Makefile.in,
        classpath/native/Makefile.in, classpath/native/jawt/Makefile.in,
        classpath/native/fdlibm/Makefile.in,
        classpath/native/plugin/Makefile.in,
        classpath/resource/Makefile.in, classpath/scripts/Makefile.in,
        classpath/tools/Makefile.in, classpath/doc/Makefile.in,
        classpath/doc/api/Makefile.in, classpath/lib/Makefile.in,
        classpath/external/Makefile.in, classpath/external/jsr166/Makefile.in,
        classpath/external/sax/Makefile.in,
        classpath/external/w3c_dom/Makefile.in,
        classpath/external/relaxngDatatype/Makefile.in,
        classpath/include/Makefile.in,
        classpath/examples/Makefile.in: Regenerate.
        * classpath/config.guess, classpath/config.sub,
        classpath/ltmain.sh : Update.
        * classpath/configure, classpath/depcomp, classpath/missing,
        classpath/aclocal.m4, classpath/install-sh: Regenerate.

        * gnu/classpath/Configuration.java (CLASSPATH_VERSION): Now 0.95.
        * sources.am: Regenerate.
        * Makefile.in: Regenerate.

        * Update the .class files and generated CNI header files, add new
        .class and generated CNI header files.
        * Remove generated files for removed java source files:
        classpath/gnu/java/net/BASE64.java,
        classpath/gnu/java/security/util/Base64.java,
        classpath/gnu/java/awt/peer/gtk/GThreadMutex.java,
        classpath/gnu/java/awt/peer/gtk/GThreadNativeMethodRunner.java,
        classpath/gnu/java/awt/font/autofit/Scaler.java,
        classpath/gnu/classpath/jdwp/util/Value.java,
        classpath/gnu/javax/net/ssl/Base64.java.
        * Remove empty directories.

        * Makefile.am(nat_source_files): Add natVMOperatingSystemMXBeanImpl.cc.
        * java/lang/Class.java(setAccessible): Merge from classpath.
        * java/util/Locale.java: Remove.
        * gnu/java/lang/management/VMOperatingSystemMXBeanImpl.java,
        gnu/java/lang/management/natVMOperatingSystemMXBeanImpl.cc: New.
        * gcj/javaprims.h: Update class declarations.
        * scripts/classes.pl: Update usage.
        * HACKING: Mention to build all peers.


git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@125302 138bc75d-0d04-0410-961f-82ee72b054a4

9 files changed, 616 insertions, 127 deletions

diff --git a/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java b/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java
index 50bc6d367d7..c451762f8e0 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/CertificatePolicies.java
@@ -1,5 +1,5 @@
 /* CertificatePolicies.java -- certificate policy extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -61,8 +61,8 @@ public class CertificatePolicies extends Extension.Value
 
   public static final OID ID = new OID("2.5.29.32");
 
-  private final List policies;
-  private final Map policyQualifierInfos;
+  private final List<OID> policies;
+  private final Map<OID, List<PolicyQualifierInfo>> policyQualifierInfos;
 
   // Constructor.
   // -------------------------------------------------------------------------
@@ -76,8 +76,9 @@ public class CertificatePolicies extends Extension.Value
       throw new IOException("malformed CertificatePolicies");
 
     int len = 0;
-    LinkedList policyList = new LinkedList();
-    HashMap qualifierMap = new HashMap();
+    LinkedList<OID> policyList = new LinkedList<OID>();
+    HashMap<OID, List<PolicyQualifierInfo>> qualifierMap
+      = new HashMap<OID, List<PolicyQualifierInfo>>();
     while (len < pol.getLength())
       {
         DERValue policyInfo = der.read();
@@ -92,7 +93,7 @@ public class CertificatePolicies extends Extension.Value
           {
             DERValue qual = der.read();
             int len2 = 0;
-            LinkedList quals = new LinkedList();
+            LinkedList<PolicyQualifierInfo> quals = new LinkedList<PolicyQualifierInfo>();
             while (len2 < qual.getLength())
               {
                 val = der.read();
@@ -109,8 +110,8 @@ public class CertificatePolicies extends Extension.Value
     policyQualifierInfos = Collections.unmodifiableMap(qualifierMap);
   }
 
-  public CertificatePolicies (final List policies,
-                              final Map policyQualifierInfos)
+  public CertificatePolicies (final List<OID> policies,
+                              final Map<OID, List<PolicyQualifierInfo>> policyQualifierInfos)
   {
     for (Iterator it = policies.iterator(); it.hasNext(); )
       if (!(it.next() instanceof OID))
@@ -129,54 +130,69 @@ public class CertificatePolicies extends Extension.Value
             throw new IllegalArgumentException
               ("policyQualifierInfos values must be Lists of PolicyQualifierInfos");
       }
-    this.policies = Collections.unmodifiableList (new ArrayList (policies));
+    this.policies = Collections.unmodifiableList (new ArrayList<OID>(policies));
     this.policyQualifierInfos = Collections.unmodifiableMap
-      (new HashMap (policyQualifierInfos));
+      (new HashMap<OID, List<PolicyQualifierInfo>>(policyQualifierInfos));
   }
 
   // Instance methods.
   // -------------------------------------------------------------------------
 
-  public List getPolicies()
+  public List<OID> getPolicies()
   {
     return policies;
   }
+  
+  /**
+   * Returns the list of policy OIDs, formatted as dotted-decimal strings.
+   *
+   * @return
+   */
+  public List<String> getPolicyStrings()
+  {
+    List<String> l = new ArrayList<String>(policies.size());
+    for (OID oid : policies)
+      {
+        l.add(oid.toString());
+      }
+    return l;
+  }
 
-  public List getPolicyQualifierInfos(OID oid)
+  public List<PolicyQualifierInfo> getPolicyQualifierInfos(OID oid)
   {
-    return (List) policyQualifierInfos.get(oid);
+    return policyQualifierInfos.get(oid);
   }
 
   public byte[] getEncoded()
   {
     if (encoded == null)
       {
-        List pol = new ArrayList (policies.size());
-        for (Iterator it = policies.iterator(); it.hasNext(); )
+        List<DERValue> pol = new ArrayList<DERValue>(policies.size());
+        for (Iterator<OID> it = policies.iterator(); it.hasNext(); )
           {
-            OID policy = (OID) it.next();
-            List qualifiers = getPolicyQualifierInfos (policy);
-            List l = new ArrayList (qualifiers == null ? 1 : 2);
-            l.add (new DERValue (DER.OBJECT_IDENTIFIER, policy));
+            OID policy = it.next();
+            List<PolicyQualifierInfo> qualifiers = getPolicyQualifierInfos(policy);
+            List<DERValue> l = new ArrayList<DERValue>(qualifiers == null ? 1 : 2);
+            l.add(new DERValue(DER.OBJECT_IDENTIFIER, policy));
             if (qualifiers != null)
               {
-                List ll = new ArrayList (qualifiers.size());
-                for (Iterator it2 = qualifiers.iterator(); it.hasNext(); )
+                List<DERValue> ll = new ArrayList<DERValue>(qualifiers.size());
+                for (Iterator<PolicyQualifierInfo> it2 = qualifiers.iterator(); it.hasNext(); )
                   {
-                    PolicyQualifierInfo info = (PolicyQualifierInfo) it2.next();
+                    PolicyQualifierInfo info = it2.next();
                     try
                       {
-                        ll.add (DERReader.read (info.getEncoded()));
+                        ll.add(DERReader.read(info.getEncoded()));
                       }
                     catch (IOException ioe)
                       {
                       }
                   }
-                l.add (new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, ll));
+                l.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, ll));
               }
-            pol.add (new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, l));
+            pol.add(new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, l));
           }
-        encoded = new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, pol).getEncoded();
+        encoded = new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, pol).getEncoded();
       }
     return (byte[]) encoded.clone();
   }
diff --git a/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java b/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java
index 37b08acf43e..428013d04bd 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/ExtendedKeyUsage.java
@@ -1,5 +1,5 @@
 /* ExtendedKeyUsage.java -- the extended key usage extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -56,7 +56,7 @@ public class ExtendedKeyUsage extends Extension.Value
 
   public static final OID ID = new OID("2.5.29.37");
 
-  private final List purposeIds;
+  private final List<OID> purposeIds;
 
   // Constructor.
   // -------------------------------------------------------------------------
@@ -69,13 +69,13 @@ public class ExtendedKeyUsage extends Extension.Value
     if (!usageList.isConstructed())
       throw new IOException("malformed ExtKeyUsageSyntax");
     int len = 0;
-    purposeIds = new LinkedList();
+    purposeIds = new LinkedList<OID>();
     while (len < usageList.getLength())
       {
         DERValue val = der.read();
         if (val.getTag() != DER.OBJECT_IDENTIFIER)
           throw new IOException("malformed KeyPurposeId");
-        purposeIds.add(val.getValue());
+        purposeIds.add((OID) val.getValue());
         len += val.getEncodedLength();
       }
   }
@@ -83,7 +83,7 @@ public class ExtendedKeyUsage extends Extension.Value
   // Instance method.
   // -------------------------------------------------------------------------
 
-  public List getPurposeIds()
+  public List<OID> getPurposeIds()
   {
     return Collections.unmodifiableList(purposeIds);
   }
diff --git a/libjava/classpath/gnu/java/security/x509/ext/Extension.java b/libjava/classpath/gnu/java/security/x509/ext/Extension.java
index 69251987ec9..2b7e96d5abc 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/Extension.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/Extension.java
@@ -1,5 +1,5 @@
 /* Extension.java -- an X.509 certificate or CRL extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -171,6 +171,10 @@ public class Extension
       {
         value = new ReasonCode(encval);
       }
+    else if (oid.equals(NameConstraints.ID))
+      {
+        value = new NameConstraints(encval);
+      }
     else
       {
         value = new Value(encval);
@@ -226,11 +230,11 @@ public class Extension
 
   public DERValue getDerValue()
   {
-    List ext = new ArrayList (3);
-    ext.add (new DERValue (DER.OBJECT_IDENTIFIER, oid));
-    ext.add (new DERValue (DER.BOOLEAN, Boolean.valueOf (critical)));
-    ext.add (new DERValue (DER.OCTET_STRING, value.getEncoded()));
-    return new DERValue (DER.CONSTRUCTED|DER.SEQUENCE, ext);
+    List<DERValue> ext = new ArrayList<DERValue>(3);
+    ext.add(new DERValue(DER.OBJECT_IDENTIFIER, oid));
+    ext.add(new DERValue(DER.BOOLEAN, Boolean.valueOf(critical)));
+    ext.add(new DERValue(DER.OCTET_STRING, value.getEncoded()));
+    return new DERValue(DER.CONSTRUCTED|DER.SEQUENCE, ext);
   }
 
   // Own methods.
diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralName.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralName.java
new file mode 100644
index 00000000000..fbc05339f6d
--- /dev/null
+++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralName.java
@@ -0,0 +1,232 @@
+/* GeneralName.java -- a GeneralName.
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.security.x509.ext;
+
+import gnu.java.security.der.DER;
+import gnu.java.security.der.DERReader;
+import gnu.java.security.der.DERValue;
+import gnu.java.security.x509.Util;
+
+import java.io.IOException;
+import java.util.Arrays;
+
+/**
+ * The GeneralName structure from X.509.
+ * 
+ * <pre>
+  GeneralName ::= CHOICE {
+    otherName                       [0]     OtherName,
+    rfc822Name                      [1]     IA5String,
+    dNSName                         [2]     IA5String,
+    x400Address                     [3]     ORAddress,
+    directoryName                   [4]     Name,
+    ediPartyName                    [5]     EDIPartyName,
+    uniformResourceIdentifier       [6]     IA5String,
+    iPAddress                       [7]     OCTET STRING,
+    registeredID                    [8]     OBJECT IDENTIFIER }
+
+  OtherName ::= SEQUENCE {
+    type-id    OBJECT IDENTIFIER,
+    value      [0] EXPLICIT ANY DEFINED BY type-id }
+
+  EDIPartyName ::= SEQUENCE {
+    nameAssigner            [0]     DirectoryString OPTIONAL,
+    partyName               [1]     DirectoryString }
+</pre>
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class GeneralName
+{
+  public static enum Kind
+  {
+    otherName (0),
+    rfc822Name (1),
+    dNSName (2),
+    x400Address (3),
+    directoryName (4),
+    ediPartyName (5),
+    uniformResourceIdentifier (6),
+    iPAddress (7),
+    registeredId (8);
+
+    private int tag;
+    
+    private Kind(int tag)
+    {
+      this.tag = tag;
+    }
+    
+    public static Kind forTag(final int tag)
+    {
+      switch (tag)
+      {
+        case 0: return otherName;
+        case 1: return rfc822Name;
+        case 2: return dNSName;
+        case 3: return x400Address;
+        case 4: return directoryName;
+        case 5: return ediPartyName;
+        case 6: return uniformResourceIdentifier;
+        case 7: return iPAddress;
+        case 8: return registeredId;
+      }
+      
+      throw new IllegalArgumentException("invalid tag: " + tag);
+    }
+    
+    public int tag()
+    {
+      return tag;
+    }
+  };
+
+  private final Kind kind;
+  private final byte[] name;
+  private final byte[] encoded;
+  
+  public GeneralName(byte[] encoded) throws IOException
+  {
+    DERReader reader = new DERReader(encoded);
+    DERValue value = reader.read();
+    
+    if (value.getTagClass() != DER.CONTEXT)
+      throw new IOException("malformed GeneralName");
+    
+    this.encoded = value.getEncoded();
+    
+    kind = Kind.forTag(value.getTag());
+    switch (kind)
+    {
+      case otherName:
+        name = value.getEncoded();
+        name[0] = (byte) (DER.CONSTRUCTED | DER.SEQUENCE);
+        // Skip the two fields of the name.
+        reader.read();  // OID
+        reader.read();  // Octet string
+        break;
+
+      case rfc822Name:
+        name = (byte[]) value.getValue();
+        break;
+
+      case dNSName:
+        name = (byte[]) value.getValue();
+        break;
+
+      case x400Address:
+        name = (byte[]) value.getValue();
+        break;
+
+      case directoryName:
+        name = value.getEncoded();
+        name[0] = (byte) (DER.CONSTRUCTED | DER.SEQUENCE);
+        break;
+
+      case ediPartyName:
+        name = value.getEncoded();
+        name[0] = (byte) (DER.CONSTRUCTED | DER.SEQUENCE);
+        break;
+
+      case uniformResourceIdentifier:
+        name = (byte[]) value.getValue();
+        break;
+
+      case iPAddress:
+        name = (byte[]) value.getValue();
+        break;
+
+      case registeredId:
+        name = value.getEncoded();
+        name[0] = DER.OBJECT_IDENTIFIER;
+        break;
+        
+      default:
+        name = null; // Not reached.
+    }
+  }
+  
+  public GeneralName(Kind kind, byte[] name)
+  {
+    this.kind = kind;
+    this.name = (byte[]) name.clone();
+    this.encoded = null;
+  }
+  
+  public Kind kind()
+  {
+    return kind;
+  }
+  
+  public byte[] name()
+  {
+    return (byte[]) name.clone();
+  }
+  
+  public byte[] encoded()
+  {
+    try
+      {
+        return (byte[]) encoded.clone();
+      }
+    catch (NullPointerException npe)
+      {
+        return null;
+      }
+  }
+  
+  public boolean equals(Object o)
+  {
+    try
+      {
+        GeneralName that = (GeneralName) o;
+        return (that.kind() == kind() && Arrays.equals(name, that.name));
+      }
+    catch (ClassCastException cce)
+      {
+        return false;
+      }
+  }
+  
+  public String toString()
+  {
+    return (super.toString() + " [ kind=" + kind + "; name=" +
+            Util.hexDump(name, "") + " ]");
+  }
+}
diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java
index b342cbd5f2e..f56ee963b9c 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralNames.java
@@ -38,106 +38,38 @@ exception statement from your version. */
 
 package gnu.java.security.x509.ext;
 
-import gnu.java.security.OID;
-import gnu.java.security.der.DER;
 import gnu.java.security.der.DERReader;
 import gnu.java.security.der.DERValue;
 
 import java.io.IOException;
-import java.net.InetAddress;
-import java.util.ArrayList;
 import java.util.Collections;
-import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 
-import javax.security.auth.x500.X500Principal;
-
 public class GeneralNames
 {
 
   // Instance methods.
   // -------------------------------------------------------------------------
 
-  public static final int OTHER_NAME     = 0;
-  public static final int RFC822_NAME    = 1;
-  public static final int DNS_NAME       = 2;
-  public static final int X400_ADDRESS   = 3;
-  public static final int DIRECTORY_NAME = 4;
-  public static final int EDI_PARTY_NAME = 5;
-  public static final int URI            = 6;
-  public static final int IP_ADDRESS     = 7;
-  public static final int REGISTERED_ID  = 8;
-
-  private List names;
+  private List<GeneralName> names;
 
   // Constructor.
   // -------------------------------------------------------------------------
 
   public GeneralNames(final byte[] encoded) throws IOException
   {
-    names = new LinkedList();
+    names = new LinkedList<GeneralName>();
     DERReader der = new DERReader(encoded);
     DERValue nameList = der.read();
     if (!nameList.isConstructed())
       throw new IOException("malformed GeneralNames");
     int len = 0;
-    int i = 0;
     while (len < nameList.getLength())
       {
         DERValue name = der.read();
-        List namePair = new ArrayList(2);
-        int tagClass = name.getTagClass();
-        if (tagClass != DER.CONTEXT)
-          throw new IOException("malformed GeneralName: Tag class is " + tagClass);
-        namePair.add(Integer.valueOf(name.getTag()));
-        DERValue val = null;
-        switch (name.getTag())
-          {
-          case RFC822_NAME:
-          case DNS_NAME:
-          case X400_ADDRESS:
-          case URI:
-            namePair.add(new String((byte[]) name.getValue()));
-            break;
-
-          case OTHER_NAME:
-            // MUST return the encoded bytes of the OID/OctetString sequence
-            byte[] anotherName = name.getEncoded();
-            anotherName[0] = (byte) (DER.CONSTRUCTED|DER.SEQUENCE);
-            namePair.add(anotherName);
-            // DERReader goes back on Constructed things so we need to skip over them
-            DERValue skip = der.read(); // skip OID
-            skip = der.read(); // skip Octet String
-            break;
-            
-          case EDI_PARTY_NAME:
-            namePair.add(name.getValue());
-            break;
-
-          case DIRECTORY_NAME:
-            byte[] b = name.getEncoded();
-            b[0] = (byte) (DER.CONSTRUCTED|DER.SEQUENCE);
-            DERReader r = new DERReader (b);
-            r.read ();
-            namePair.add(new X500Principal(r.read ().getEncoded ()).toString());
-            break;
-
-          case IP_ADDRESS:
-            namePair.add(InetAddress.getByAddress((byte[]) name.getValue())
-                         .getHostAddress());
-            break;
-
-          case REGISTERED_ID:
-            byte[] bb = name.getEncoded();
-            bb[0] = (byte) DER.OBJECT_IDENTIFIER;
-            namePair.add(new OID(bb).toString());
-            break;
-
-          default:
-            throw new IOException("unknown tag " + name.getTag());
-          }
-        names.add(namePair);
+        GeneralName generalName = new GeneralName(name.getEncoded());
+        names.add(generalName);
         len += name.getEncodedLength();
       }
   }
@@ -145,21 +77,9 @@ public class GeneralNames
   // Instance methods.
   // -------------------------------------------------------------------------
 
-  public List getNames()
+  public List<GeneralName> getNames()
   {
-    List l = new ArrayList(names.size());
-    for (Iterator it = names.iterator(); it.hasNext(); )
-      {
-        List ll = (List) it.next();
-        List pair = new ArrayList(2);
-        pair.add(ll.get(0));
-        if (ll.get(1) instanceof byte[])
-          pair.add(((byte[]) ll.get(1)).clone());
-        else
-          pair.add(ll.get(1));
-        l.add(Collections.unmodifiableList(pair));
-      }
-    return Collections.unmodifiableList(l);
+    return Collections.unmodifiableList(names);
   }
 
   public String toString()
diff --git a/libjava/classpath/gnu/java/security/x509/ext/GeneralSubtree.java b/libjava/classpath/gnu/java/security/x509/ext/GeneralSubtree.java
new file mode 100644
index 00000000000..5f6ffd98701
--- /dev/null
+++ b/libjava/classpath/gnu/java/security/x509/ext/GeneralSubtree.java
@@ -0,0 +1,156 @@
+/* GeneralSubtree.java -- 
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.security.x509.ext;
+
+import gnu.java.security.der.DERReader;
+import gnu.java.security.der.DERValue;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+/**
+ * The GeneralSubtree structure, a part of the {@link NameConstraints}
+ * extension.
+ *
+ * <pre>
+  GeneralSubtree ::= SEQUENCE {
+    base                    GeneralName,
+    minimum         [0]     BaseDistance DEFAULT 0,
+    maximum         [1]     BaseDistance OPTIONAL }
+
+  BaseDistance ::= INTEGER (0..MAX)</pre>
+ *
+ * @author Casey Marshall (csm@gnu.org)
+ */
+public class GeneralSubtree
+{
+  private final GeneralName base;
+  private final int minimum;
+  private final int maximum;
+  
+  public GeneralSubtree(byte[] encoded) throws IOException
+  {
+    DERReader reader = new DERReader(encoded);
+    DERValue generalSubtree = reader.read();
+    
+    if (!generalSubtree.isConstructed())
+      throw new IOException("malformed GeneralSubtree");
+    
+    DERValue generalName = reader.read();
+    base = new GeneralName(generalName.getEncoded());
+    if (generalName.isConstructed())
+      reader.skip(generalName.getLength());
+    
+    int len = generalName.getEncodedLength();
+    if (len < generalSubtree.getLength())
+      {
+        DERValue distance = reader.read();
+        if (distance.getTag() == 0)
+          {
+            minimum = ((BigInteger) distance.getValue()).intValue();
+            len += distance.getEncodedLength();
+            if (len < generalSubtree.getLength())
+              {
+                distance = reader.read();
+                if (distance.getTag() != 1)
+                  throw new IOException("unexpected tag "
+                                        + distance.getTag() +
+                                        " (expected 1 for GeneralSubtree maximum distance)");
+                maximum = ((BigInteger) distance.getValue()).intValue();
+              }
+            else
+              {
+                maximum = -1;
+              }
+          }
+        else if (distance.getTag() == 1)
+          {
+            minimum = 1;
+            maximum = ((BigInteger) distance.getValue()).intValue();
+          }
+        else
+          {
+            throw new IOException("unexpected tag " + distance.getTag()
+                                  + " (expected 0 or 1 for GeneralSubtree distance)");
+          }
+      }
+    else
+      {
+        minimum = 0;
+        maximum = -1;
+      }
+  }
+  
+  /**
+   * Returns the base name.
+   *
+   * @return The base name.
+   */
+  public GeneralName base()
+  {
+    return base;
+  }
+  
+  /**
+   * Returns the minimum base distance, possibly zero.
+   *
+   * @return The minimum base distance.
+   */
+  public int minimum()
+  {
+    return minimum;
+  }
+  
+  /**
+   * Returns the maximum base distance, or -1 if this value was not specified.
+   *
+   * @return The maximum base distance.
+   */
+  public int maximum()
+  {
+    return maximum;
+  }
+  
+  public String toString()
+  {
+    return (GeneralSubtree.class.getName() + " [ base=" + base
+            + "; minimum=" + minimum + "; maximim=" + maximum
+            + " ]");
+  }
+}
diff --git a/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java b/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java
index 8b017dc62d8..080070b9890 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/IssuerAlternativeNames.java
@@ -1,5 +1,5 @@
 /* IssuerAlternatuveNames.java -- issuer alternative names extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -65,7 +65,7 @@ public class IssuerAlternativeNames extends Extension.Value
   // Instance method.
   // -------------------------------------------------------------------------
 
-  public List getNames()
+  public List<GeneralName> getNames()
   {
     return names.getNames();
   }
diff --git a/libjava/classpath/gnu/java/security/x509/ext/NameConstraints.java b/libjava/classpath/gnu/java/security/x509/ext/NameConstraints.java
new file mode 100644
index 00000000000..607c4296642
--- /dev/null
+++ b/libjava/classpath/gnu/java/security/x509/ext/NameConstraints.java
@@ -0,0 +1,161 @@
+/* NameConstraints.java -- the NameConstraints X.509 extension.
+   Copyright (C) 2006  Free Software Foundation, Inc.
+
+This file is a part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
+USA
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library.  Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module.  An independent module is a module which is not derived from
+or based on this library.  If you modify this library, you may extend
+this exception to your version of the library, but you are not
+obligated to do so.  If you do not wish to do so, delete this
+exception statement from your version. */
+
+
+package gnu.java.security.x509.ext;
+
+import gnu.java.security.OID;
+import gnu.java.security.der.DERReader;
+import gnu.java.security.der.DERValue;
+import gnu.java.security.x509.ext.Extension.Value;
+
+import java.io.IOException;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
+
+/**
+ * The NameConstraints extension. From RFC 3280, section 4.2.1.11, this
+ * extension is defined as:
+ * 
+ * <pre>
+  id-ce-nameConstraints OBJECT IDENTIFIER ::=  { id-ce 30 }
+
+  NameConstraints ::= SEQUENCE {
+    permittedSubtrees       [0]     GeneralSubtrees OPTIONAL,
+    excludedSubtrees        [1]     GeneralSubtrees OPTIONAL }
+
+  GeneralSubtrees ::= SEQUENCE SIZE (1..MAX) OF GeneralSubtree
+
+  GeneralSubtree ::= SEQUENCE {
+    base                    GeneralName,
+    minimum         [0]     BaseDistance DEFAULT 0,
+    maximum         [1]     BaseDistance OPTIONAL }
+
+  BaseDistance ::= INTEGER (0..MAX)
+  </pre>
+ * 
+ * See also the classes {@link GeneralNames} and {@link GeneralSubtree}.
+ * 
+ * @author csm
+ */
+public class NameConstraints extends Value
+{
+  public static final OID ID = new OID("2.5.29.30");
+  
+  private List<GeneralSubtree> permittedSubtrees;
+  private List<GeneralSubtree> excludedSubtrees;
+  
+  public NameConstraints(byte[] encoded) throws IOException
+  {
+    super(encoded);
+    
+    DERReader der = new DERReader(encoded);
+    DERValue value = der.read();
+    if (!value.isConstructed())
+      {
+        throw new IOException("malformed NameConstraints");
+      }
+    
+    permittedSubtrees = new LinkedList<GeneralSubtree>();
+    excludedSubtrees = new LinkedList<GeneralSubtree>();
+    int len = 0;
+    if (len < value.getLength())
+      {
+        DERValue subtrees = der.read();
+        if (subtrees.getTag() == 0)
+          {
+            int len2 = 0;
+            while (len2 < subtrees.getLength())
+              {
+                DERValue subtree = der.read();
+                permittedSubtrees.add(new GeneralSubtree(subtree.getEncoded()));
+                der.skip(subtree.getLength());
+                len2 += subtree.getEncodedLength();
+              }
+            len += subtrees.getEncodedLength();
+            
+            if (len < value.getLength())
+              {
+                subtrees = der.read();
+                if (subtrees.getTag() != 1)
+                  throw new IOException("unexpected tag " + subtrees.getTag()
+                                        + " (expecting 1 for excludedSubtrees)");
+                len2 = 0;
+                while (len2 < subtrees.getLength())
+                  {
+                    DERValue subtree = der.read();
+                    excludedSubtrees.add(new GeneralSubtree(subtree.getEncoded()));
+                    der.skip(subtree.getLength());
+                    len2 += subtree.getEncodedLength();
+                  }
+              }
+          }
+        else if (subtrees.getTag() == 1)
+          {
+            int len2 = 0;
+            while (len2 < subtrees.getLength())
+              {
+                DERValue subtree = der.read();
+                excludedSubtrees.add(new GeneralSubtree(subtree.getEncoded()));
+                der.skip(subtree.getLength());
+                len2 += subtree.getEncodedLength();
+              }            
+          }
+        else
+          throw new IOException("unexpected tag " + subtrees.getTag()
+                                + " (expecting 0 or 1)");
+      }
+  }
+  
+  public List<GeneralSubtree> permittedSubtrees()
+  {
+    return Collections.unmodifiableList(permittedSubtrees);
+  }
+  
+  public List<GeneralSubtree> excludedSubtrees()
+  {
+    return Collections.unmodifiableList(excludedSubtrees);
+  }
+  
+  public String toString()
+  {
+    return NameConstraints.class.getName() + " [ permittedSubtrees="
+      + permittedSubtrees + "; excludedSubtrees=" + excludedSubtrees
+      + " ]";
+  }
+}
diff --git a/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java b/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java
index f88e854965f..8b6347d99a3 100644
--- a/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java
+++ b/libjava/classpath/gnu/java/security/x509/ext/SubjectAlternativeNames.java
@@ -1,5 +1,5 @@
 /* SubjectAlternatuveNames.java -- subject alternative names extension.
-   Copyright (C) 2004  Free Software Foundation, Inc.
+   Copyright (C) 2004, 2006  Free Software Foundation, Inc.
 
 This file is part of GNU Classpath.
 
@@ -65,7 +65,7 @@ public class SubjectAlternativeNames extends Extension.Value
   // Instance method.
   // -------------------------------------------------------------------------
 
-  public List getNames()
+  public List<GeneralName> getNames()
   {
     return names.getNames();
   }